_eupdate_13.3.2.2700.exe

Skytouch Technology Co., Limited

The application _eupdate_13.3.2.2700.exe by Skytouch Technology Co., Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Skytouch Technology Co., Limited  (signed and verified)

Version:
10.2.0.2610

MD5:
42d781277ee5a76a5ecce9a57abf2dfb

SHA-1:
c6deb18d02d028c9389c263a7eb0aa1043b68d8e

SHA-256:
800021a2da62ee1dbb7c404f1d862d42017db73b29e274be59e475d0c91592b6

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/24/2024 7:43:15 AM UTC

Scan engine          Detection                            Engine version
Reason Heuristics    PUP.ELEX.SkytouchTechnologyCo (M)    16.1.14.2

File size:
647.6 KB (663,160 bytes)

Product version:
10.2.0.2610

Copyright:
Copyright (C) 2013

Original file name:
eUpdate.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\esafe\_eupdate_13.3.2.2700.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
7/8/2013 10:29:59 AM

Valid to:
7/9/2014 10:29:59 AM

Subject:
CN="Skytouch Technology Co., Limited", O="Skytouch Technology Co., Limited", L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11216078022FA91C0EB61326E0E8FDBE9C30

File PE Metadata
Compilation timestamp:
8/21/2013 1:11:53 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:Js/Suzymhx/bJfrRBHaDeeRDiDku5T3yIf4aEWi2YR69kYxgR1FO5+BL:nITl3aeeRDtu5DyaDpHC1FOcBL

Entry address:
0x13879D

Entry point:
52, C6, 04, 24, F6, 51, C7, 44, 24, 04, A4, D6, 95, 95, 60, C7, 44, 24, 20, E8, 40, 45, 52, 52, 68, BB, 80, 1A, B3, 68, 56, 6D, A9, B6, 8D, 64, 24, 2C, E9, 14, 36, 02, 00, 63, CB, 2F, 0A, 4B, FA, 20, 61, 03, A6, A5, D6, B4, 47, B8, D7, 77, C7, 77, 97, 92, 69, 66, A1, 72, D0, 75, 2D, BF, 3D, 9C, 52, FE, EA, 72, DB, 95, 83, 1C, 41, EE, D0, A0, 91, 6B, 51, A1, 2A, A1, 72, 9B, 0A, 19, 16, 71, 82, 37, 55, A0, 55, A8, 5E, BE, E1, 5D, 0B, 8D, 32, F4, 7B, 80, E6, E9, 8E, A9, A3, B4, 1C, 52, C1, FE, FE, 90, B3, 36...
 
Code size:
129 KB (132,096 bytes)
